On Nov. 15, Scott Melker, aka “The Wolf of All Streets,” said that one of his followers was hacked in the latest scam targeting Ledger users. While checking his Nano S hardware wallet, the user reported seeing a 503 HTTP API error when it attempted to synchronize, “which in and of itself terrified me.” The victim reached out to Ledger support and reported having the CTO (chief technology office) contact him via direct message on X. This is when alarm bells should have rung as support isn’t that quick, and customers definitely won’t get to speak to executives and are likely to be lumbered with a chatbot. Scam alert. I have been speaking with one of my followers here, who shared that he was hacked this morning on a Ledger scam. Here is what he said happened – “Woke up this
Topics:
Martin Young considers the following as important: AA News, crypto scams, ledger, Phishing
This could be interesting, too:
Wayne Jones writes Institutional Interest in Crypto Assets Surges in Canada: KPMG Report
Chayanika Deka writes SlowMist Exposes Scam Using Malicious RPC Node Modifications
Wayne Jones writes NFT Lending Hits Quarterly High, Surpassing .1 Billion in Q1: CoinGecko
Chayanika Deka writes Bitcoin Breaks Daily Transaction Record Days After Halving
On Nov. 15, Scott Melker, aka “The Wolf of All Streets,” said that one of his followers was hacked in the latest scam targeting Ledger users.
While checking his Nano S hardware wallet, the user reported seeing a 503 HTTP API error when it attempted to synchronize, “which in and of itself terrified me.”
The victim reached out to Ledger support and reported having the CTO (chief technology office) contact him via direct message on X.
This is when alarm bells should have rung as support isn’t that quick, and customers definitely won’t get to speak to executives and are likely to be lumbered with a chatbot.
Scam alert.
I have been speaking with one of my followers here, who shared that he was hacked this morning on a Ledger scam.
Here is what he said happened –
“Woke up this morning and wanted to just do a sanity check on my Nano S – ensure accounts look good and maybe move a…
— The Wolf Of All Streets (@scottmelker) November 14, 2023
Fake Ledger Support
The spurious CTO walked the user through a five-step “fix,” which involved visiting a fake website and entering details about the device and the passphrase.
“I even asked him about why it was required, and he mentioned it was end-to-end encrypted and a requirement to sync,” the victim said before adding:
“Moving too quickly and obviously not thinking clearly, I gave it and within minutes realized my account was completely drained.”
Melker lamented that the person was “on top of his security,” but a simple mistake was all it took.
“This has happened to SO MANY PEOPLE that never tell you about it,” he added.
Genuine support staff will never ask you for your passphrases, and the phishing scam relied on social engineering to induce a mistake by the user and could have happened on any wallet.
What wasn’t detailed was how the scammers quickly commandeered Ledger support channels and posed as company executives.
Ledger users have been hammered with scams and threats over the past few years following a massive company server breach in 2020, which leaked their personal information.
Crypto Scams Remain Rife
On Nov. 14, CryptoPotato reported that scammers were still targeting Friend.tech users. Impostors posing as journalists on the recently launched SocialFi network targeted influencers for interviews and feedback before providing a fake link directing to malware.
Social media is a hotbed of scamming activity, and more people (including celebrities and influencers) are falling victim to phishing and SIM-swap attacks.
Moreover, as crypto markets enter a new bull phase and prices march upward, scammers will evolve, and more sophisticated attack vectors will emerge. Stay alert, and never share your seed phrase on anything other than the platform where it came from.